SecureWorks Corp. (NASDAQ:SCWX) Q1 2024 Earnings Call Transcript June 8, 2023
SecureWorks Corp. misses on earnings expectations. Reported EPS is $-0.18 EPS, expectations were $-0.15.
Operator: Good morning, everyone. My name is Bruno and I will be your conference operator for today. At this time, I would like to welcome everyone to the SecureWorks First Quarter Fiscal 2024 Financial Results Conference Call. [Operator Instructions] A supplemental slide presentation to accompany the prepared remarks can be found on the company’s website. [Operator Instructions] At this time, I would like to turn the call over to Kevin Toomey, SecureWorks Vice President of Investor Relations. Mr. Toomey, you may begin your conference.
Kevin Toomey: Thanks, everyone, for joining us. With me this morning are Wendy Thomas, our CEO; and Christian Grant, our Interim CFO. During this call, unless otherwise indicated, we will reference non-GAAP financial measures. You will find the reconciliations between these GAAP and non-GAAP measures in the press release and presentation posted on our website earlier today. Please also note that all growth percentages refer to year-over-year changes unless otherwise specified. Finally, I’d like to remind you that all statements made during this call that relate to future results and events are forward-looking statements based on current expectations. Actual results and events could differ materially from those projected due to a number of risks and uncertainties, which are discussed in our press release, web deck and SEC filings. We assume no obligation to update our forward-looking statements. Now I’ll turn the call over to SecureWorks CEO, Wendy Thomas.
Wendy Thomas: Thank you, Kevin, and welcome, everyone. Taegis continues to lead the industry with 68% year-over-year revenue growth, expanding to $63 million in the first quarter. Taegis annual recurring revenue expanded to $269 million at the end of the first quarter and now represents over 85% of our total ARR, up from less than half of total ARR this time last year. To put that into context, this quarter, we were recognized by multiple leading industry analyst reports as one of the top three largest providers of managed detection and response in the market. That’s important because customers have a choice in a noisy market and they’re choosing SecureWorks. In my conversations with potential customers, in this climate of increased focus on fiscal responsibility, they are focused on the win-win that Taegis can deliver.
A solution that helps them consolidate and reduce the number of security vendors that they have to manage, that scales their spend on both security technology and talent while simultaneously delivering an improved security risk posture and outcomes. We are well positioned to address this market need based on our unique approach to the design of our Taegis XDR platform and customers are reaping the benefits of our XDR enabled MDR. We solved the signal-to-noise problem that drives alert fatigue from multiple point products. We provide a comprehensive protection to stop adversaries who look between point products and our open without compromise approach gives customers choice, future flexibility and an easy deployment path to achieve comprehensive detection and response.
In this vein, we are addressing an acute need to replace legacy SIMs, which are difficult to deploy and configure and their complexity makes them costly to maintain. For example, in first quarter, we won a global provider of smart building solutions that came to SecureWorks originally for penetration testing services. We quickly discovered a ransomware attack despite their significant investments in a SEM, an endpoint and vulnerability management technologies. Like so many organizations, they did not have the resources to constantly manage the SEM until left many of their office locations unmonitored. They quickly recognize the return on investment of managed detection and response with Taegis, reduce their vendor sprawl and spend while fully securing their entire environment.
Customers choose Taegis for its measurable and superior return on investment that lets them streamline security vendors and spend, increase the value of uptime of their business operations and revenue streams and the ability to optimize investments in internal security teams, all while achieving superior security outcomes, quantifiable risk reduction. We also expanded our platform capabilities and portfolio of offerings this quarter. We recently announced two new offerings to unify the way companies prevent, detect and respond to threats across both OT and IT environments, eliminating the visibility challenges often associated with the separation of those systems and addressing the risks of greater attack service exposure in legacy OT systems.
Industrials and multiple sectors have been increasingly under attack by threat actors. And with our significant presence and expertise in this vertical today, we see untapped potential to solve a pressing security needs by unifying detection and response across OT and IT via the Taegis platform and staying true to our overall approach to XDR. The pricing is simple and predictable, endpoint-based upcharge with no data overage, storage or other surprise fees. In support of customer choice and aligned with our pillar to be open without compromise, we recently added out-of-the-box support for a growing integration request from our customers and partners, SentinelOne’s Singularity Complete. Taegis now ingest SentinelOne telemetry into an overall view of cloud identity, network and other application data in the Taegis XDR UI, enriches and correlates that data with threat context and applies our unique detectors and response actions in the platform to drive superior security outcomes.
With our unique approach in Taegis, customers can leverage a single EDR agent for holistic XDR and MDR coverage, further removing the friction and complexity of multi-vendor environments. With this addition, we now integrate seamlessly with nearly 70% of the endpoint market, another example of how we optimize customers’ existing and future cybersecurity investments while also providing the breadth of security coverage they need. Taegis is increasingly there’s no pane of glass for our customers’ entire security stack. We recently won a partner source deal with a manufacturing company that had a small IT team, no stock and very limited visibility into their environment. And a competitor in their space had recently been the victim of a cyber-attack and data breach, creating urgency and their leadership team around ensuring they could prevent a similar breach.
The customer had recently implemented SentinelOne with our partner, and our demo and proof-of-concept demonstrating the ease of deployment and holistic visibility of XDR while leveraging their existing single agents. Those are what steal the deal. Another topic that is top of mind for customers and investors is how we leverage and govern AI in our Taegis platform and offering. From the beginning, AI has been part of our Taegis platform vision and architecture leveraged to drive more effective and faster, the detection and response outcomes for customers. Among many approaches, we leverage deep learning and machine learning and our thousands of detectors to find the true positives that other products miss. And AI-enabled threat scores support the prioritization of the hundreds of billions of alerts and indicators we receive from our customers daily.
While approaches in AI algorithms can change rapidly, the key to staying ahead is having vast amounts of labeled training data, and we believe that we have one of the most valuable security training datasets globally. For example, we’ve performed more than 10,000 investigations annually for more than a decade. Leveraging that dataset, we recently implemented natural language processing, generative AI and other techniques to automate approximately 45% of our Taegis security investigation reports. While more opportunity lies ahead, this has further improved our market-leading response time for customers and the efficiency of our security operations. While AI is not a panacea and is not applicable to all security use cases, we are well positioned to capitalize on its momentum and opportunity.
We have a deep bench of data scientists, software engineers and threat researchers working on a true XDR platform designed to take advantage of advancements in AI and data analytics to rapidly innovate to improve outcomes for our customers while protecting their most valuable assets. As importantly, we have educated our team and put in place sustained governance around the responsible use of AI, and we’ll continue to safely incorporate it into our business and service of customers, teammates and investors. I’ll now turn to our go-to-market. We are in the early innings of our go-to-market transformation, aligned to our Taegis centric business model, but I’m pleased with our progress. We designed Taegis to be transparent and collaborative providing flexibility and optionality around who manages detection and response activities.
This enables MDR to be delivered by SecureWorks, a partner or a customer’s own SOC team, all leveraging Taegis XDR. In addition to solution providers as a go-to-market path, this has enabled us to tap into the MSSP market opportunity, enabling partners to deliver high margin and effective MDR leveraging Taegis. In Q1, one of our MSSP partners worked with us on an MDR deal with a data analytics software provider that was using multiple security providers to manage different aspects of their security operations. They had a small security team, which made it challenging for them to keep track of threats and costly to manage and get the security value across these disparate partners. Taegis has brought the holistic streamlined approach they needed while also addressing their growing compliance needs, with the scaled MDR services from our partner.
Recall that last December, SecureWorks launched our partner first go-to-market approach in North America, elevating our collaboration with critical managed service and solution providers as well as technology alliance partners. Our open without compromise strategy creates greater business opportunities for partners of all types. As an indicator of traction in first quarter, more than 60% of global Taegis new logo business was closed with a partner, up from 40% this time a year ago and partners with active pipeline have increased 40%, leading to a doubling of our partner pipeline in first quarter, a trend we expect to ramp over the course of this year. And we will continue to extend this partner-first strategy globally over the course of this year.
We’ve brought in a seasoned Chief Revenue Officer to accelerate our go-to-market transformation. Allan Peters comes with a powerful combination of CRO leadership across SaaS, security product and services companies with a partner-led sales approach. He brings demonstrated success in driving incremental ARR growth by accelerating new customer acquisitions, platform adoption and channel growth and an expanding gross margin through better solutions mix and discount control, all driving improvements in key sales efficiency measures. Before I transition into our path to profitable growth, I’ll just add color on our perspective on the macro environment in terms of its impact on sales. We did see longer sales cycles in first quarter than a year ago, largely as a result of increased layers of deal review at customers.
But those sales cycle times have been largely in line with more recent quarterly trends. Based on what we see currently, we expect this to continue in the near term. We are driving our business to profitable growth as we complete our business transformation. Taegis continues to perform, growing faster than the industry and scaling gross margin. And as a business, we have and will continue to take decisive actions to align our cost structure with the SaaS nature and the revenue opportunity of our Taegis-centric business model. While Chris will provide more details, I’ll highlight three primary areas of action that give us confidence in our ability to drive growing profitability into next year. First, we will continue to take advantage of automation and scale throughout the business.
Second, our go-to-market transformation, in addition to benefiting the top line will drive increased sales efficiency. Third, we are accelerating the reduction of the remaining duplicative and transition costs as we wind down our other MSS business. Of note, the second quarter of this fiscal year will represent the inflection point for total revenue for SecureWorks with a return to sequential total revenue growth in the second half of this year. Very shortly, Alpana Wegner, will join us as our new CFO. Alpana brings to SecureWorks extensive experience developing business strategies, to drive outsized growth and strengthening organization’s financial profiles by increasing scale and expanding EBITDA margins through operational efficiency. We have a clear path and a commitment to managing our business to profitable growth.
I want to thank our customers and partners for joining forces with us and my thanks to our teammates for their hard work and commitment to the SecureWorks mission of securing human progress. I particularly want to thank Chris Grant for his partnership and support acting as our Interim CFO for the past month. And with that, I’ll turn the call over to Chris to walk through our financial results and guidance.
Christian Grant: Thanks, Wendy. Good morning, everyone. Today, I will cover our first quarter results and outlook for the second quarter and fiscal year 2024. Total revenue was $94.4 million in the first quarter, which compares to our guidance of $96 million to $98 million. The lower total revenue was driven by accelerated wind down of our other MSS business and customers delaying professional services projects. As a reminder, our professional services business includes both retainer-based and transactional services. In Q1, the delays we saw were in the transactional revenue, which can fluctuate from quarter-to-quarter due to the dependency on customer resource availability. Adjusted EBITDA loss was $20.1 million compared to a $7.8 million loss in prior year first quarter.
The overall change was driven by the other MSS and professional services revenue just discussed. Offset by Taegis gross profit expansion and OpEx savings as we continue to align our cost structure with our Taegis-centric business. Overall, Taegis business performed in the first quarter as expected. Taegis subscription revenue was $62.6 million, up 68% year-over-year, in line with expectations. Taegis ARR increased nearly $90 million year-over-year to $269 million now representing more than 85% of our total ARR. With our resolutioning efforts substantially completed at the end of fiscal ’23, the majority of our Taegis ARR growth this quarter was driven by new logos, upsell and cross-sell. Average revenue per Taegis customer was approximately 132,000 and we’ve added 600 Taegis customers since the first quarter of last year, representing year-over-year growth of 43%.
I would like to highlight that Taegis average revenue per customer remained at a premium to the industry average. We took the unique approach of bundling a number of core capabilities such as one-year data retention, orchestration and hunting playbooks, endpoint agent and unlimited response in our core offering. Our higher average revenue per customer than our competitors benefits from the strategy and our target buyer segments. To provide more insights into the underlying financials of our Taegis business, we’ve enhanced our disclosures this quarter, providing a breakout of Taegis cost of revenue and gross margin. Taegis gross margin continues to scale, reaching 70% this quarter, 110 basis points higher than the first quarter a year ago. As we move towards the other MSS end of life in Japan in Q1 of next year, ARR and revenue in that business will continue to wind down.
We anticipate eliminating the remainder of our other MSS cost structure at the same time that we sunset other MSS in Japan in Q2 of next year. As Wendy shared, we have also been actively managing down our OpEx as we align our expense base to our Taegis-centric business. Turning now to our cash and balance sheet. We finished the quarter with a strong balance sheet with $95 million of cash, no debt and an undrawn credit facility. We used $42 million of cash from operations compared with $25 million used in the prior year first quarter, which primarily reflected lower adjusted EBITDA. As a reminder, our first quarter is seasonally the highest use of cash due to annual incentive payouts. Turning to our guidance for the second quarter and fiscal year ’24.
We are reiterating our guidance for Taegis ARR to end FY ’24 at $300 million or higher. We expect other MSS ARR to represent approximately 5% of total ARR at the end of this fiscal year. Our full year total revenue guidance range is $380 million to $400 million with second quarter revenue of $90 million to $92 million. We continue to anticipate full year Taegis revenue to be $270 million to $280 million. Taegis gross margins are expected to expand from first quarter level as we progress throughout the year. The benefit of that within the total gross margin will be offset by duplicative fixed and transition costs as we sunset support for our other MSS services in Japan. We have previously stated that there are approximately $25 million of duplicative fixed and transition-related costs that we are incurring with $15 million in cost of revenues and $10 million in operating expenses.
As we turn down other MSS services, we will manage the related cost out, one of several positive impacts to our operating structure in fiscal ’24 and fiscal ’25. As Wendy shared, we are actively managing our cost structure. We expect reductions in our operating costs to begin in the second half of the year as we align our resource allocation based on the faster runoff of the other MSS business. We have experienced significant improvements in our cost structure from our ongoing use of automation. We continue to drive automation and scale into our growing SaaS business. As our teams deploy AI across operations, we see improvements in all areas of our business, both in ways that directly benefit customers and in the scale of our operating model.
Our investment in sales and marketing over the past year have enabled the repositioning of our brand, completing the resolutioning outside of Japan and supporting our transition to partner first model. It is early days in our partner first go-to-market. But with the resolution behind us in North America, we began recomposing our sales force by expanding our hunter capacity and reducing investments in account executives focused on resolution. This will be apparent in lower sales and marketing dollars spent this year as we are no longer compensating account executives to move existing customers from our other MSS platform to Taegis. R&D will also trend lower as we continue to reduce our engineering support costs related to our other MSS business.
Full year adjusted EBITDA range is expected to be between negative $29 million and $39 million. Finally, full year non-GAAP EPS loss is expected to be between $0.34 and $0.43. We expect Q2 non-GAAP EPS loss to be between $0.15 to $0.17. In summary, Taegis continued to show strong momentum in the first quarter, in line with our expectations. As the sunset of our other MSS accelerates and we benefit from scale on our Taegis-centric business, Q2 is the trough in the transformation of our business. We expect our actions in fiscal ’24 to lead our business to profitable growth next year. Thank you for joining us on the call today. Wendy will rejoin us as we begin Q&A. Operator, can you please introduce the first question.
See also 12 Best Short Squeeze Stocks to Buy Now and 11 Best Health Insurance Stocks to Buy.
Q&A Session
Follow Secureworks Corp
Follow Secureworks Corp
Operator: [Operator Instructions] And our first question comes from Saket Kalia from Barclays. Saket, your line is now open. Please go ahead.
Saket Kalia: Okay. Great. Hi, good morning, guys. Thanks for taking my questions here.
Wendy Thomas: Good morning.
Saket Kalia: Wendy, maybe for you. Appreciated the talk about ROI on Taegis in your opening remarks. I was wondering if you could just go one level deeper into that. And I guess the question is, based on your conversations with customers, where do you think — or how do you think Taegis is driving the most ROI for those customers?
Wendy Thomas: Sure. Great question. Thanks, Saket. Hope you’re doing well. We really see three primary areas, and I will try to do them in sort of order of magnitude, order — the first one is clearly the productivity of their IT and security teams. When we think about the burden moving off of their team in terms of managing or building integrations, building detectors, the automation in the investigation and the response workflow. If there is — if they have MDR with us or our partner that aspect of unlimited incident response for high and critical alert from Taegis. So they can either — and they do both kinds of math, I don’t need to struggle to hire and retain scarce security talent or as much or very often, they can turn their team to sort of the strategy of their security program as opposed to kind of the day-to-day management.
Just talking to us [indiscernible] earlier this week who was looking to move on that journey now that she had moved to Taegis. The second one is they can clearly see a path to displace spend and frankly, the friction of managing a lot of different vendors. As you know, we continue to expand the XDR platform and a lot of individual point products for now, frankly, features or capabilities of Taegis. And of course, we include the endpoint agent, which we often see organizations deploy our agent in areas where they didn’t deploy any type of other AV-type agent because it’s included in the pricing and things like our ability to include one year of storage, you don’t need separate log retention. Those are great examples of the path that can go on, on that front.
And then the third one, which is a little bit harder to measure depending on the organization, but there’s just less business downtime and user friction. Sometimes that does show up in terms of cyber insurance, actually lower rate. But a lot of times, it’s just their sense of their ability to provide assurances to their Board that they know how absolutely full holistic coverage and, frankly, often better coverage than they had before for the same spend. So those are really the three areas I’d point to.
Saket Kalia: Got it. Got it. That’s helpful. Maybe for my follow-up for you, Christian. You touched on some of these in your prepared remarks, but I just wanted to make sure I was clear. So for the 14% — roughly 14% of ARR and other MSS that is largely Japan. Can you just talk about sort of when that’s expected to mostly go to zero? And then relatedly, the magnitude of the duplicative costs and sort of the path for those winding down presumably to zero as well?